Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

192.168.0....up.exe

windows7-x64

10

192.168.0....up.exe

windows10-2004-x64

10

ServerSetup.exe

windows7-x64

10

ServerSetup.exe

windows10-2004-x64

10

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/01/2024, 18:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ServerSetup.exe

  • Size

    11.5MB

  • MD5

    77fe3873e0f3259292c6ec00b9644fb5

  • SHA1

    6f2d2196744836c969d8d046a342aa40dba452d9

  • SHA256

    6534f8b85d746b7cd9d58915754da54904d716e5028e5f28a5468998fbcc98d1

  • SHA512

    054b88da5be36d4372b1bebe00bd2b8230d0d9ed4b15d31101c678ed8a52ef07c7bceb60980fc4318d08f4b3e2569ed412c19057c0809fb3da3127f983c6437f

  • SSDEEP

    196608:/hCQkQ708MCNqZhGciNm2wFrVJE9zVHSAAD+Y/PI61qjdkh:UQkQzqgfNm2eJErSA6v/Q

Score
10/10
modiloadertrojan

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    trojanmodiloader
  • ModiLoader First Stage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ServerSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\ServerSetup.exe"
    1⤵
      PID:496

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/496-0-0x0000000001720000-0x0000000001721000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-1-0x0000000000400000-0x0000000000F93000-memory.dmp

      Filesize

      11.6MB

      Download

    • memory/496-3-0x0000000001720000-0x0000000001721000-memory.dmp

      Filesize

      4KB

      Download